revshfuzzA tool for fuzzing for ports that allow outgoing connections
Stars: ✭ 18 (-91.78%)
P0wny ShellSingle-file PHP shell
Stars: ✭ 949 (+333.33%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-44.29%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-94.06%)
kumasia./kumasia php simple backdoor
Stars: ✭ 13 (-94.06%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+952.51%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-88.58%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-87.67%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-70.78%)
HouseA runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Stars: ✭ 910 (+315.53%)
SlurpEvaluate the security of S3 buckets
Stars: ✭ 183 (-16.44%)
hsploitAn advanced command-line search engine for Exploit-DB
Stars: ✭ 16 (-92.69%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+314.61%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+1625.57%)
DnsliveryEasy files and payloads delivery over DNS
Stars: ✭ 332 (+51.6%)
Kali-Linux-EbooksTop 20 Kali Linux Related E-books (Free Download)
Stars: ✭ 134 (-38.81%)
Scanlessonline port scan scraper
Stars: ✭ 875 (+299.54%)
PycatPython network tool, similar to Netcat with custom features.
Stars: ✭ 162 (-26.03%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+49.77%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-65.75%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+296.35%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-13.24%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-21.92%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+676.26%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+445.21%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (+50.23%)
RulerA tool to abuse Exchange services
Stars: ✭ 1,684 (+668.95%)
vsauditVOIP Security Audit Framework
Stars: ✭ 104 (-52.51%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+286.76%)
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Stars: ✭ 22 (-89.95%)
Cloudflair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+436.99%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (+47.95%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+43.84%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-26.03%)
anubisCaptive wifi hotspot bypass tool for Linux
Stars: ✭ 46 (-79%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-88.58%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-83.11%)
KarkinosPenetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: ✭ 115 (-47.49%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-87.67%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+47.03%)
GivingstormInfection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-67.12%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+1818.72%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-42.01%)
BrutusA Python-powered exploitation framework and botnet.
Stars: ✭ 17 (-92.24%)
STEWSA Security Tool for Enumerating WebSockets
Stars: ✭ 154 (-29.68%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+596.8%)
Mongoaudit🔥 A powerful MongoDB auditing and pentesting tool 🔥
Stars: ✭ 1,174 (+436.07%)
SmogcloudFind cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-23.29%)
Pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Stars: ✭ 2,213 (+910.5%)
OscpOur OSCP repo: from popping shells to mental health.
Stars: ✭ 71 (-67.58%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+44.75%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-68.04%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (+1648.86%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (+42.47%)